On 10/18/07, Kevin Kofler <kevin kofler chello at> wrote:
> You have a point there, but isn't that use case better served by encrypting the
> entire home directory, not just the keyring/wallet? Many users have plenty of
> sensitive data outside the keyring/wallet too.
Personally, I'd prefer a dedicated encrypted directory under home
directories. Like say encrypting Documents by default or having a
secured area that xdg enabled apps can be instructed to use or not.
On systems that I act as admin encrypted home directories are going to
cause problems when i need to help a user with something...even
primarily single user systems where I am not the primary user. Having
to unencrypt a user's home directory to troubleshoot things like gconf
or other settings stored in user's home directory would be a huge
frelling pain in the ass. I really don't think encrypting the whole
home directory by default for general use is a good idea..even on a
laptop.
In any event, i would prefer to continue to use a passphrase on my
keyring and also relevation's key file, and be able to unlock both at
login.
-jef